Privacy

https://fightchatcontrol.eu/

https://www.euronews.com/next/2025/08/08/return-of-chat-control-something-is-rotten-in-the-state-of-denmark

I'm not sure what kind of algorithm they could use to find CSAM.

sauce

San Francisco billionaire Chris Larsen once again has wielded his wallet to keep city residents under the eye of all-seeing police surveillance.

The San Francisco Police Commission, the Board of Supervisors, and Mayor Daniel Lurie have signed off on Larsen’s $9.4 million gift of a new Real-Time Investigations Center. The plan involves moving the city’s existing police tech hub from the public Hall of Justice not to the city’s brand-new police headquarters but instead to a sublet in the Financial District building of Ripple Labs, Larsen’s crypto-transfer company. Although the city reportedly won’t be paying for the space, the lease reportedly cost Ripple $2.3 million and will last until December 2026.

The deal will also include a $7.25 million gift from the San Francisco Police Community Foundation that Larsen created. Police foundations are semi-public fundraising arms of police departments that allow them to buy technology and gear that the city will not give them money for.

The United States has emerged as the largest investor in commercial spyware—a global industry that has enabled the covert surveillance of journalists, human rights defenders, politicians, diplomats, and others, posing grave threats to human rights and national security.

Metadata is as sensitive as the content of communications. There is this wrong idea – especially in the mind of policy-makers when we meet them – that metadata, so the data about the communications, is less sensitive than content data. This is this myth that we have to bust every time when we talk about this topic.“

im working on a proof-of-concept messaging app. it has a fairly unique architecture which i think makes it so ChatControl wouldnt affect it... but im not an expert in laws, so im sure im not asking the right questions. any guidance is appriciated.

to make things clear: my project is far from finished. its pretty experiemental, unstable and buggy. im not at a stage where i can say my app is watertight... but that is my general aim.

i think the code for my app is too complicated and not well documented for anyone to pick up and look at in their spare time, so i think its better i describe how it works (please reach out for clarity on any details i may miss!). i hope it can be used to determine how ChatControl can apply to my project.

• im working on a fully client-side messaging app. cryptography is done client-side using browser API's to generate encryption keys. messages are encrypted client-side and decrypted on the recieving client-side

• as a webapp i can avoid installation and registration so there are no databases with registered users that can be compromized. user ID's are cryptographically random. this allows allows profiles to be as ephemeral or persistent as the user wants.

• the app is using webrtc to exchange messages which are then stored on the recieving device client-side only. there is no database storing "pending" messages. if your peer is offline, you cannot send a message.

there are a lot of nuances to a p2p-only messaging app, but i hope that by reducing the amount of infrastructure, it can simplify e2ee.

i dont think its written well enough to be worth your time to do a deep dive into my code, but you can find it here: https://github.com/positive-intentions/chat

• Over 500 cryptography scientists and researchers have signed a joint letter against the EU's controversial child sexual abuse (CSAM) scanning proposal
• Experts warn that the Danish version of the text still fails to address concerns around encryption, indiscriminate surveillance, and accuracy
• EU Council members must share their final positions on the so-called Chat Control bill on September 12

The EU is planning to strike a deal with the US that would let the Department of Homeland Security and other agencies search European databases to identify people posing “a threat to US security,” according to a proposal published by the European Commission at the end of July.